package cn.jinbyte.web.config;

import lombok.Data;

import java.util.ArrayList;
import java.util.List;

/**
 * SQL注入防护配置
 *
 * @author jinty
 */
@Data
public class SqlInjectionProperties {
    /**
     * 是否启用SQL注入防护
     */
    private boolean enabled = true;

    /**
     * 需要排除的路径
     */
    private List<String> excludePaths = new ArrayList<>();

    /**
     * SQL注入模式正则表达式
     */
    private String pattern = ".*(\\b(select|insert|update|delete|drop|alter|union|exec|execute|xp_cmdshell|sp_)|['\";\\-#]).*";

    /**
     * 是否忽略大小写
     */
    private boolean caseInsensitive = true;
}
